Advance wireless security choices
Securing a wireless network requires authentication and encryption technologies. Authentication is the process of ensuring that a user is authorized to access the wireless network. For personal networks, authentication is usually handled with a username and password. In the corporate environment, authentication technologies include digital certificates, smart cards, and biometric information, such as a fingerprint.
Encryption makes information traveling over the wireless network unreadable to anyone who is eavesdropping on the transmission. Encryption algorithms (formulas) convert plain text into cipher text. Different encryption algorithms provide different levels of security.
Wireless authentication and encryption technologies. The original 802.11 Wi-Fi specification included WEP (Wired Equivalent Privacy) technology to address authentication and encryption requirements. However, the security provided by WEP proved insufficient. For example, the WEP encryption key, which defines the translation of plain text into cipher text, is static and does not change. By collecting a network’s transmissions and using WEP-cracking tools, hackers can determine the encryption key and decode the information.
As a result of the security problems in WEP, the Wi-Fi industry began developing the more secure IEEE 802.11i standard. Until the new standard was finalized, however, the industry adopted WPA (Wi-Fi Protected Access) as an interim solution. WPA contains many improvements and addresses most of the security issues found in WEP.
The 802.11i standard, also known as WPA2 (Wi-Fi Protected Access 2), was released in 2004 and is available on newer wireless devices. WPA2 differs from WPA in that it includes the AES (Advanced Encryption Standard), a strong cryptographic technology required by the U.S. government and some corporations. For authentication, WPA2 uses the same methods as WPA.
How to choose. To protect network transmissions and sensitive information, your wireless network should operate with the strongest encryption method supported by your wireless AP and devices. Of the three options for securing wireless transmissions, WPA2 is the newest and most secure technology.
Some wireless APs can accommodate a mixture of wireless technologies, and others require you to select only one. For example, if your wireless AP supports WPA2 mixed mode, it can handle WPA and WPA2 on the same SSID. An alternative, if the wireless AP supports it, is to create multiple SSIDs, each with a different wireless security standard.
If your wireless AP limits the network to a single security standard, all of your devices must support it. To use WPA2, for example, the wireless AP and your wireless devices (notebooks, PDAs, barcode scanners) must also support WPA2. (The Wi-Fi Alliance maintains a list of WPA and WPA2 certified devices at certifications.wi-fi.org/wbcs_certi
fied_products.php.) The following information discusses each technology in more detail.
WEP. WEP is considered unsecure, primarily because the encryption key is static and does not change. However, if WEP is your only alternative, it is more secure than no encryption at all. And unlike WPA and WPA2, WEP operates on Win98/Me/XP systems. WPA and WPA2 work with WinXP only.
To use WEP, first configure your wireless AP (as we mentioned earlier, you’ll use your browser and admin software). If possible, select 128-bit encryption, which is stronger than 64-bit encryption. For the passphrase, use a combination of hard-to-guess letters and numbers appropriate for a strong password. After saving this information on the wireless AP, configure the same settings on your wireless devices and test device connectivity
More at Google